diff --git a/handlers/main.yml b/handlers/main.yml index 11155a9..2114711 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,2 +1,5 @@ --- -# handlers file for ansible_bootstrap \ No newline at end of file +# handlers file for ansible_bootstrap + + - name: restart ssh + service: name=sshd state=restarted \ No newline at end of file diff --git a/tasks/main.yml b/tasks/main.yml index b23ebf1..a46fb5d 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for ansible_bootstrap -- name: "install python" - raw: pacman -Sy python --noconfirm +- name: "install python and archlinux-keyring" + raw: pacman -Sy python archlinux-keyring --noconfirm - name: sudoers install pacman: @@ -56,4 +56,12 @@ owner: "{{username}}" # not required. Name of the user that should own the file/directory, as would be fed to I(chown). with_items: - id_rsa - - authorized_keys \ No newline at end of file + - authorized_keys + +- name: Remove root SSH access + lineinfile: + dest: /etc/ssh/sshd_config + regexp: "^PermitRootLogin" + line: "PermitRootLogin no" + state: present + notify: restart ssh \ No newline at end of file